Members of the cyber-crime group responsible for the GozNym malware have been captured following an operation that spanned six countries and ended at The Hague.
Ten members of the gang were captured, although it’s thought there are five more Russian nationals still on the run. Those captured by police include the leader of the GozNym network and a gang member who encrypted the malware to ensure it evaded detection. However, one that’s so far evaded capture is thought to have been GozNym’s original creator, and the individual who leased it out to other criminals.
GozNym infected users’ devices with the aim of capturing banking details. It enabled the group to steal and launder money, resulting in a haul thought to be worth around $100 million (£77 million). In total, some 41,000 people were thought to have been victims – among them small business owners, international corporations, law firms and non-profit organisations.
GozNym was so effective because it merged two existing pieces of malware (Gozi and Nymaim – hence the name) to create what security experts called a “two-headed monster”. Gozi steals financial information, whilst Nymaim is a ‘dropper’ – one that’s used to sneak malware onto a device.
Though GozNym was devastatingly effective, this alone wasn’t the most worrying thing, computer scientist at the University of Surrey, Prof Alan Woodward, told the BBC. Instead, businesses should be more alarmed at the ease in which malware such as this is being rented out to other budding cyber criminals. This means would-be hackers don’t need to spend time learning to code such a piece of software but can instead – relatively easily – hire out a copy for themselves.
“Crime as a Service”, as Prof Woodward called it, is bringing more gangs into this world, as they realise its not just more efficient than the likes of drug dealing, but often more lucrative too.